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REMARKS 

Claims 1-7, 9-14, 16-20 and 24-31 are pending in the application. Reconsideration 
and withdrawal of the rejections are respectfully requested in view of the amendments and 
remarks herein. 

Claim Re jections - 35 U.S.C £ 102 
Claims 1, 3, 9, 11,13, 17, 25 and 26 stand rejected under 35 U.S.C. § 102(a) as 
allegedly anticipated by "Assertions and Protocol for the OASIS Security Assertion Markup 
Language (SAML)" published November 5, 2002 ("SAML-Publication"). This rejection is 
respectfully traversed. 

Applicants again note that a "claim is anticipated only if each and every element as set 
forth in the claim is found, either expressly or inherently described, in a single prior art 
reference," 1 and that "[t]he identical invention must be shown in as complete detail as is 
contained in the ... claim," 2 when applying a reference under 35 U1S.C. § 102. As discussed 
in further detail below, the SAML-Publication fails to set forth each and every element of any 
of claims 1,13,17 and 25, and fails to show the identical invention in as complete detail as is 
contained in any of claims 1,13,17 and 25. 

As discussed in further detail herein, the SAML fails to disclose several features of 
each of claims 1, 13., 17 and 25, as presented in Applicants' previous response. However, and 
in a genuine effort to further prosecution of the instant patent application, each of claims 1, 
13, 17 and 25 has been amended herein to more clearly define the invention. More 
specifically, each of claims 1,13 and 17 has been amended to provide the features of 
executing a non-acti vatable checkpoint, and selectively executing at least one checkpoint of 
the plurality of checkpoints based on an activation status of the checkpoint group. Claim 25 
has been amended to provide the feature of adding to the computer program at least one 
checkpoint as a non-activatable checkpoint, which non-acti vatable checkpoint is executed 
regardless of an activation status of the checkpoint group. 



1 Verdegaal Bros, v. Union Oil Co. of California, 814 F.2d 628, 631, 2 USPQ2d 1051, 1053 (Fed. Cir. 1987) 

2 Richardson v. Suzuki Motor Co., 868 F.2d 1226, 1236, 9 USPQ2d 1913, 1920 (Fed. Cir. 1989) 
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The SAML-Publication provides a specification of an initial version of the Security 
Assertion Markup Language (SAML). SAML is an XML-based standard for exchanging 
security information (e.g., authentication and authorization data) between security domains 
(i.e., between an identity provider and a service provider) (SAML-Publication, at 236-237). 
The security information is expressed in the form of assertions about subjects, where the 
subject is an entity (i.e., human or computer) (SAML-Publication, at 237-238). The SAML 
standard defines XML-based assertions and protocols, bindings, and profiles. A major goal of 
the SAML standard is single sign-on (SSO), which is the ability of a user to authenticate in 
one domain and use resources in other domains without re-authenticating (SAML-Publication, 
at 259-260). 

A SAML protocol describes how certain SAML elements, including assertions, are 
packaged within SAML request and response elements. Generally, a SAML protocol is a 
simple request-response protocol (SAML-Publication, at page 24). The main type of SAML 
protocol request is a query, wherein a service provider makes a query directly to an identity 
provider over a secure back channel. The result of an attribute query is a SAML response 
containing an assertion. 

The SAML assertions convey information about authentication acts performed by 
subjects (i.e., human or computer), attributes of subjects, and authorization decisions about 
whether subjects are allowed to access certain resources (SAML-Publication, at 241-242). 
The assertion contains a packet of security information, and is transferred from the identity 
provider to the service provider in response to a query protocol (SAML-Publication, at page 
1 0). Assertions contain three types of statements that correspond to the three types of SAML 
queries: authentication statements; attribute statements; and authorization decision statements 
(SAML-Publication, at 291-295). Each- assertion has a nested structure including an outer 
generic element providing information common to all statements within a single assertion, 
and an inner element representing each of the authentication, attribute, and authorization 
decision statements (SAML-Publication, at 296-298). 

Accordingly, the SAML standard provides a framework for exchanging security 
information between a requestor and a SAML authority. More specifically, the requestor 
(e.g., a service provider) generates a request, or query. The SAML authority (e.g., human or 
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computer) responds to the request by issuing an assertion that contains security information. 
Consequently, the SAML-Publication is not directed to selectively activating checkpoints that 
are embedded within an executable computer program, as is the present invention. As such, 
and as discussed in further detail below, the SAML-Publication fails to disclose claim features 
relevant to the selective activation of checkpoints that are embedded within an executable 
computer program. 

The SAML-Publication fails to disclose the feature of establishing a plurality of 
checkpoints in a computer program, with each checkpoint in the plurality of checkpoints 
including an assertion statement. Instead, and as noted above, the assertion of SAML is 
generated in response to a query from a service provider. Consequently, SAML does not pre- 
establish checkpoints in a computer program, which checkpoints already include an assertion 
statement Further, SAML could not already include;pre-established assertion statements, 
because the content of each assertion statement is dependent upon the particular query, which 
is unknown until received by the SAML authority (i.e., human or computer). 

The SAML-Publication also fails to disclose the feature of assigning each checkpoint 
in the plurality of checkpoints to a checkpoint group, the assignment of each checkpoint to a 
checkpoint group being specified in the statement defining the respective checkpoint. As 
discussed in detail above, each assertion of SAML includes a nested structure having inner 
and outer elements. The SAML-Publication, however, does not describe each assertion as 
being a member of a group of assertions. In fact, the SAML-Publication could not disclose 
such a feature. More specifically, each SAML assertion is provided as a unique response to a 
SAML query. Consequently, SAML assertions could not be pre-grouped. In view of this, the 
SAML-Publication also cannot disclose the features of associating each such checkpoint 
group with one of a plurality of activation variants, much less with activation variants that 
indicate a behavior based on a result of the assertion statement^ wherein checkpoint groups 
associated with an activation variant behave in accordance with the activation variant. 

The SAML-Publication further fails to disclose the newly amended features of 
executing a non-activatable checkpoint, and selectively executing at least one checkpoint of 
the plurality of checkpoints based on an activation status of the checkpoint group (see claims 
1 , 1 3 and 1 7), or adding to the computer program at least one checkpoint as a non-activatable 
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checkpoint, which non-activatable checkpoint is executed regardless of an activation status of 
the checkpoint group (see claim 25). Initially, the SAML-Publication does not delineate the 
S AML assertions as being activatable or non-activatable. Further, the SAML assertions are 
issued by the SAML authority (i.e., human or computer) in response to a SAML query. 
Consequently, the SAML assertions are not selectively issued based on an activation status of 
a group of SAML assertions. As noted above, the SAML-Publication does not group the 
S AML assertions; 

In view of the foregoing, SAML fails to set forth each and every element of any of 
claims 1, 13, 17 and 25, and fails to show the identical invention in as complete detail as is 
contained in any of claims 1, 13, 17 and 25. Therefore, reconsideration and withdrawal of the 
rejections are respectfully requested. 

Each of claims 3, 9, 11 and 26 ultimately depends from one of claims 1, 13, 17 and 25, 
which define over the asserted reference as discussed in detail above. Consequently, each of 
claims 3, 9^ 11 and 26 also define over the asserted reference for at least the same reasons. 
Therefore, reconsideration and withdrawal of the rejections are respectfully requested. 

Claim Rejections - 35 U.S.C. ft 103 

Claims 2, 4-7, 10-12, 14, 16, 18-20, 24, and 27-3 1 stand rejected under 35 U.S.C. § 
103(a) as being unpatentable over SAML in view of U.S. Pat. No. 6,378,125 to Bates et al. 
("Bates"). This rejection is respectfully traversed. 

Each of claims 2, 4-7, 10-12, 14, 16, 18-20, 24, and 27-31 ultimately depends from 
one of claims 1 , 13, 17 and 25, which define over the asserted reference ais discussed in detail 
above. Consequently, each of claims 2, 4-7, 10-12, 14, 16, 18-20, 24, and 27-31 also define 
over the asserted reference for at least the same reasons. Therefore, reconsideration and 
withdrawal of the rejections are respectfully requested. 



Other Claim Amendments 
Claim 1 has been amended to be directed to a computer-readable medium encoded 
with a computer program comprising instructions that, when executed, operate to cause a 
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computer to perform operations. Claims 2-7, 9, 27 and 28 have each been amended in view 
of amended claim 1. Claim 13 has been amended to claim "An apparatus:' 1 
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CONCLUSION 



All of the pending claims have been addressed. However^ the absence of a reply to a 



specific rejection, issue or comment does not signify agreement with or concession of that 
rejection, issue or comment. In addition, because the arguments made above may not be 
exhaustive, there may be reason for patentability of any or all pending claims that have not 
been expressed. Finally, nothing in this paper should be construed as an intent to concede any 
issue with regard to any claim, except as specifically stated in this paper, and the amendment 
of any claim does not necessarily signify concession of unpatentability of the claim prior to 
amendment. Applicants respectfully request consideration of all filed IDS' not previously 
considered, by initialing and returning each Form 1449. 

No charges are believed due. However, if any fees are due, they are being paid 
concurrently herewith on the Electronic Filing System (EFS) by way of Deposit Account 
authorization. Please apply all charges or credits to Deposit Account No. 06-1050, 
referencing Attorney Docket No. 13913-0083001. 



Respectfully submitted, 



Date: November 6, 2008 




^yan^Carthy 
Reg. No. 50,636 
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